Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/4A1C6D5458D011EEB285FE40C4F9AE02.roa
File: 4A1C6D5458D011EEB285FE40C4F9AE02.roa (raw, json)
Hash identifier: hGtKPpI9+C2CUESpW/iQ2c6exwNcrNHsYAtG8EFmsCc=
Subject key identifier: 37:DC:B8:B1:82:CF:EC:BE:DB:2F:15:02:37:4C:67:42:BF:F4:B0:96
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 0273
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/4A1C6D5458D011EEB285FE40C4F9AE02.roa
Signing time: Thu 21 Sep 2023 22:43:32 +0000
ROA not before: Thu 21 Sep 2023 22:43:32 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 211619
IP address blocks: 203.32.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 02:30:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 627 (0x273)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Sep 21 22:43:32 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=650cc713-55a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:17:7b:4d:f0:9a:0f:1d:81:a8:65:c6:26:
36:d1:6d:4b:36:2d:8c:6d:72:8e:81:65:5d:4d:a2:
0d:ed:56:d4:58:f4:f3:32:b6:f0:23:e3:eb:59:3b:
a0:0c:a9:81:7c:82:85:a6:b2:ef:cd:89:51:3d:93:
24:a9:b6:f3:6f:f0:b4:53:04:bd:db:e3:5b:9b:07:
83:11:f5:75:27:0b:5c:d8:a0:e7:4e:2e:4f:0e:84:
fa:ce:2c:9b:78:38:0f:63:46:1f:b5:a0:30:07:e0:
da:c9:2b:b8:78:72:2b:44:02:2c:c0:35:7a:93:25:
e6:a0:1f:24:1b:e6:e4:53:6c:7b:4b:82:cc:be:bd:
bc:34:2b:51:fa:bc:45:00:bf:21:47:bd:58:97:6a:
69:6b:2b:b0:29:19:86:56:1e:37:1f:d7:d7:24:db:
9f:5d:a9:49:38:3a:f8:fe:09:5b:c4:40:bb:ad:f0:
de:a3:6b:9e:57:20:d7:d5:14:25:95:08:dc:cb:ff:
79:d1:78:db:8c:d3:69:fc:d5:b7:a2:cb:56:31:4a:
7b:36:1f:38:c8:c1:ba:a3:fd:30:ce:96:2b:ec:81:
84:93:d8:6f:01:c8:a3:fe:e1:87:8a:4b:b3:a6:85:
f9:8c:ac:9e:d3:7d:88:20:c6:0d:18:52:19:76:88:
f5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DC:B8:B1:82:CF:EC:BE:DB:2F:15:02:37:4C:67:42:BF:F4:B0:96
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/4A1C6D5458D011EEB285FE40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.28.0/24
Signature Algorithm: sha256WithRSAEncryption
59:36:3b:12:52:07:d6:56:b5:34:2f:7e:22:55:9c:b9:a4:21:
af:3f:16:4d:2a:88:4a:89:1c:18:20:27:d4:40:68:ad:23:39:
b1:d4:94:ef:7d:a2:ad:fc:21:f5:0c:b2:82:42:7e:d5:44:c8:
3e:a8:a7:99:8d:54:9a:c2:eb:9b:56:70:20:08:ea:95:5d:ff:
f4:b1:9a:f6:c7:40:3f:8b:36:f9:ed:c8:f0:35:12:55:c4:b0:
ce:71:7a:65:39:bb:b7:1c:b7:03:6a:e7:4b:a2:33:02:11:0a:
af:2f:12:d5:c6:09:2f:38:3e:84:ad:23:f7:c8:32:01:f6:76:
0b:d6:47:15:04:40:7c:cb:37:ce:d3:52:79:69:d6:26:fc:a6:
c6:99:e6:28:26:a7:d1:ab:89:07:96:ed:ef:4b:b3:89:bc:2e:
82:b2:38:17:22:fb:a0:2e:ec:e3:99:05:6f:f2:65:e9:79:bc:
c0:db:76:b7:f9:62:86:1a:73:95:23:54:c6:81:b9:7d:d1:5a:
36:39:23:3b:d3:77:8b:21:18:24:2f:fc:c2:8d:a0:e7:ee:4a:
56:c4:b7:20:54:ca:2a:4d:43:9e:ae:a4:df:5c:84:ce:d0:5a:
74:81:97:58:d8:7a:43:85:04:7e:83:e4:4c:83:70:16:72:aa:
3a:1d:ce:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjMwOTIxMjI0MzMyWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTBjYzcxMy01NWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoEEXe03wmg8dgahlxiY20W1LNi2MbXKOgWVdTaIN7VbUWPTzMrbwI+PrWTug
DKmBfIKFprLvzYlRPZMkqbbzb/C0UwS92+NbmweDEfV1Jwtc2KDnTi5PDoT6ziyb
eDgPY0YftaAwB+DaySu4eHIrRAIswDV6kyXmoB8kG+bkU2x7S4LMvr28NCtR+rxF
AL8hR71Yl2ppayuwKRmGVh43H9fXJNufXalJODr4/glbxEC7rfDeo2ueVyDX1RQl
lQjcy/950XjbjNNp/NW3ostWMUp7Nh84yMG6o/0wzpYr7IGEk9hvAcij/uGHikuz
poX5jKye032IIMYNGFIZdoj1RQIDAQABo4IClTCCApEwHQYDVR0OBBYEFDfcuLGC
z+y+2y8VAjdMZ0K/9LCWMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvNEExQzZENTQ1
OEQwMTFFRUIyODVGRTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBwwDQYJKoZIhvcNAQELBQADggEBAFk2OxJSB9ZWtTQv
fiJVnLmkIa8/Fk0qiEqJHBggJ9RAaK0jObHUlO99oq38IfUMsoJCftVEyD6op5mN
VJrC65tWcCAI6pVd//SxmvbHQD+LNvntyPA1ElXEsM5xemU5u7cctwNq50uiMwIR
Cq8vEtXGCS84PoStI/fIMgH2dgvWRxUEQHzLN87TUnlp1ib8psaZ5igmp9GriQeW
7e9Ls4m8LoKyOBci+6Au7OOZBW/yZel5vMDbdrf5YoYac5UjVMaBuX3RWjY5IzvT
d4shGCQv/MKNoOfuSlbEtyBUyipNQ56upN9chM7QWnSBl1jYekOFBH6D5EyDcBZy
qjodzpg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:33 2024 by rpki-client on console-fra.rpki-client.org